In an earlier post, I referencedthe CEO of Symantec, Enrique Salem’s speech at the RSA conference where he talked about operationalizing your security. This week I have been working at several clients doing Proof of Concepts on Symantec DLP. This week has lead to think very hard on how the different peices of the Symantec stack fit together very neatly.
No longer are we secure because we run anti-virus plus proper firewalls in place, we need a system in place to deal with the changing threats. Three years ago I was working as a network administrator for a private bank, we had a security policy in place, we managed our Windows Updates, we had network scans done quarterly and penetration testing done as well. Were we secure? Maybe, maybe not there were a lot of things I did not have visibility into. Did we have data leakage? Were our severs in compliance? Were people copying data on to USB drives/DVD drives? I just didn’t know.
Now with the different products in the Symantec product set we can work on getting that visiblity we need. it is not be the draconian IT department that all the other departments fear. It is about being safe with our companies data and being smart with what we are trusted with.
More thoughts to follow as I start to work on Operationalizing Security